Change expiration dates for CVE-2026-33870 and CVE-2026-33871 (#1351)

liustve · web-flow · commit cd1acb9289fa · 2026-04-06T14:36:16.000-07:00
*Description of changes:*
Updated expiration dates for CVE vulnerabilities in trivyignore.


By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache 2.0 license.
diff --git a/.github/trivy/pr-build.trivyignore.yaml b/.github/trivy/pr-build.trivyignore.yaml
@@ -11,7 +11,7 @@
 vulnerabilities:
   - id: CVE-2026-33870
     statement: "Netty HTTP/1.1 Request Smuggling. Fix: bump netty-bom to 4.1.132.Final. https://github.com/aws-observability/aws-otel-java-instrumentation/issues/1346"
-    expired_at: 2026-04-14
+    expired_at: 2026-04-21
   - id: CVE-2026-33871
     statement: "Netty HTTP/2 CONTINUATION frame flood DoS. Fix: bump netty-bom to 4.1.132.Final. https://github.com/aws-observability/aws-otel-java-instrumentation/issues/1346"
-    expired_at: 2026-04-14
+    expired_at: 2026-04-21
